Faculty of Computer Science (Fredericton)

Pages

Achieve secure communications for mobile crowd sourcing applications
Achieve secure communications for mobile crowd sourcing applications
by Shreshth Kumar, Nowadays, almost everyone is carrying a mobile device with them wherever they go, and these mobile devices become a potential mine for user's personal data. Actually, mobile and other wearable technologies are equipped with various sensors that can collect different types of data. With all these sensor-rich devices, we can gather precise and accurate data and can use them to develop useful applications like monitoring traffic density, road conditions, recording census data of a location, etc. Obviously, the data must be extracted, transported and processed in bulk. In addition, since data from handheld devices usually has a location-time stamp attached, if the data is not processed carefully, it can reveal information about the user, like locations visited in the past, etc. Hence, a guideline must be set up to secure communications for Mobile Crowd Sourcing (MCS), so that the required data can be securely gathered for MCS applications while preserving users' privacy who shared the data. Aiming at this goal, in this report, we propose a framework to achieve secure communications for MCS applications., A Report Submitted in Partial Fulfillment of the Requirement for the Degree of Master of Computer Science
Achieving communication-efficient privacy-preserving range query in fog-based IoT
Achieving communication-efficient privacy-preserving range query in fog-based IoT
by Hassan Mahdikhani, Fog-based IoT (Internet of Things) is a fast-growing technology in which many firms and industries are currently investing to develop their own real-time and low latency decentralized data processing and analysis applications. It narrows down the gap between cloud and IoT end-devices as cloud computing is not a consistently perfect solution for many IoT applications. Compared with the traditional IoT solutions, fog-enabled IoT can offer a high level of compliance, better efficiency, and stronger security by providing local data pre-processing, filtering, and forwarding mechanisms. These benefits make the fog-enhanced IoT an appropriate paradigm for many IoT services in different applications varying from health monitoring systems to smart grids and even food manufacturing. However, fog-enhanced IoT arises many security and privacy concerns since fog nodes are deployed at the network edge and may not be fully trustable. Furthermore, fog is considered as a non-trivial extension of the cloud, and thus some security and privacy challenges will continue to persist. These challenges might affect the adaptation of fog computing into the IoT. At the same time, fog improves the IoT end-devices' security and privacy by offering an ideal platform to employ homomorphic encryption schemes. Homomorphic encryption schemes allow performing mathematical operations on ciphertexts without violating the IoT devices' privacy. This means that instead of separately delivering each IoT device's data to the control center, the fog nodes can forward the encrypted aggregated results. This alternative approach significantly reduces the communication overhead and greatly strengthens the security robustness. Thus, system developers can design data aggregation algorithms that yield more bandwidth-efficient, secure, and private schemes than traditional cloud deployment. In this thesis, we emphasize on range aggregate queries in fog-enhanced IoT. In particular, we carry on research on communication and computational efficient privacy-preserving range query processing schemes in which the querying user can efficiently execute range queries on IoT end-devices in the fog computing environment. The main contributions of this thesis can be summarized as 1) Taking the computational burden into consideration, we devise an efficient Symmetric Homomorphic Encryption (SHE) scheme. The proposed scheme maintains data privacy and security as well as supports homomorphic calculation in arithmetic circuits including both multiplication and addition operations. 2) To achieve higher communication performance, we develop some range decomposition/composition techniques to transfomr the range queries. These techniques transform a given range query [L; U] into corresponding data structures that realize privacy-preserving communication-efficient range aggregate query protocols. We develop three different decomposition/composition schemes and investigate their computational and communication performance. 3) Analysing the security of these developed schemes to ensure that proposed schemes are privacy-preserving, i.e. querying user's query and IoT end-devices' data can not be identified or profiled by not only fraudulent/dishonest but also honest-but-curious entities. 4) Conducting extensive performance evaluations to demonstrate the effectiveness of the proposed schemes in terms of communication outcomes and computational effort reduction.
Achieving continuous privacy-preserving histogram query in smart grid communications
Achieving continuous privacy-preserving histogram query in smart grid communications
by Kingsley Kwame Baah Larbi, Privacy has been taken very seriously in recent times with the introduction of the General Data Protection Regulation (GDPR) by the European Union (EU) and the addition of new rules to the existing Personal Information Protection and Electronic Documents Act (PIPEDA act) by the Canadian government. Governments are strengthening their stance on privacy by ensuring that organizations respect individuals' privacy rights. As such privacy within the smart grid in terms of usage data of customers must be treated with utmost importance. It is in this vein that this research is embarked on, a thesis which involves achieving a continuous histogram query in smart grid communications in a privacy preserving manner. Specifically, this research first gives a brief description of the smart grid from the aspects of characteristics for smart grid design, architecture of the smart grid, advantages and challenges of smart grid, current research focus in smart grid, security and privacy issues in smart grid communications and related works on privacy-preserving smart grid. Then, we employ Paillier Homomorphic Encryption to propose a continuous privacy-preserving histogram query scheme for secure smart grid communications, which can generate a histogram for a user-specified time period while preserving the privacy of residential users. The proposed scheme presents residential users' electricity usage data to the control center without violating their privacy. It does this by presenting all the users' electricity data into two forms of histogram data. The first form is the sum of each class of data, which sums up all the electricity usage data within a particular range and presents it to the control center. The second is the count of each class of data, which counts all the electricity usage data that has been added within a particular range and presents to the control center. Our scheme contains three phases, i.e., Report Generation, Report Aggregation and Array Recovery phase. We analyze the security of each phase and evaluate its performance. The results show that our scheme is privacy-preserving and efficient. Especially, the average time consumption for each of the phases is less than 20 ms in our evaluation.
Achieving more effective fraud detection
Achieving more effective fraud detection
by Masoud Erfani, Nowadays, most financial transactions are virtual all over the world. The rapid usage of credit cards and transnational online applications raises fraudulent activities using these services. So, fraud detection is one of the challenging real-world problems. One of the main challenges in fraud detection is imbalanced datasets, where there are very few cases of fraud and a massive amount of non-fraud samples. Also, the behavior of fraud changes frequently, making the learning process for the state-of-the-art machine learning binary classifiers complicated. As a result, in this thesis, we propose two effective frameworks for fraud detection to deal with this challenge. Our first framework consists of a novel preprocessing and subsampling step, which is followed by applying deep support vector data description for fraud detection. In our second framework, we introduce two versions of an ensemble of one-class classifiers. We utilize the Bootstrapping technique to create different training datasets for various weak learners to form a more robust model in the Bagging version. In our Stacking version, we divide the training dataset into two folds. We train the weak learners on the first fold. Then, we add their predictions on the remaining part of the training dataset to the second fold. Finally, the meta learner is trained on the second fold to make the final prediction. These two steps form a more robust model to deal with the imbalanced problem. Furthermore, we provide a trend analysis based on the size of the training, test datasets, and performance of the model using Area Under the Receiver Operating Characteristic Curve (ROC-AUC), Average Precision (AP), and F1 measures as metrics based on a real-world dataset. Also, we evaluate our frameworks on a publicly available synthetic datasets to measure their performance in a complex situation. Finally, based on the results, our both approaches outperform SVM and Random Forest as the state-of-the-art binary classifiers in different scenarios. They achieve remarkable performance in terms of AP, ROC-AUC, and F1 measures equal to 90%, 93%, and 85% (Best results), respectively., Electronic Only.
Active tracking with accelerated image processing in hardware
Active tracking with accelerated image processing in hardware
by Alexander Bochem, This thesis work presents the implementation and validation of image processing problems in hardware to estimate the performance and precision gain. It compares the implementation for the addressed problem on a Field Programmable Gate Array (FPGA) with a software implementation for a General Purpose Processor (GPP) architecture. For both solutions the implementation costs for their development is an important aspect in the validation. The analysis of the exibility and extendability that can be achieved by a modular implementation for the FPGA design was another major aspect. One addressed problem of this work is the tracking of the detected BLOBs in continuous image material. This has been implemented for the FPGA platform and the GPP architecture. Both approaches have been compared with respect to performance and precision. This research project is motivated by the MI6 project of the Computer Vision research group, which is located at the Bonn-Rhein-Sieg University of Applied Sciences. The intent of the MI6 project is the tracking of a user in an immersive environment. The proposed solution is to attach a light emitting device to the user for tracking the emitted light dots on the projection surface of the immersive environment. Having the center points of those light dots would allow the estimation of the user's position and orientation. One major issue that makes Computer Vision problems computationally expensive is the high amount of data that has to be processed in real-time. Therefore, one major target for the implementation was to get a processing speed of more than 30 frames per second. This would allow the system to realize feedback to the user in a response time which is faster than the human visual perception. One problem that comes with the idea of using a light emitting device to represent the user, is the precision error. Dependent on the resolution of the tracked projection surface of the immersive environment, a pixel might be several cm2 in size. Having a precision error of only a few pixels, might lead to an offset in the estimated user's position of several cm. In this research work the development and validation of a detection and tracking system for BLOBs on a Cyclone II FPGA from Altera has been implemented. The system supports different input devices for the image acquisition and can perform detection and tracking for five to eight BLOBs. A further extension of the design with other input devices or to support the detection is possible with some constraints, which comes with the available resources on the target platform. Additional modules for compressing the image data based on run-length encoding and sub-pixel precision for the computed BLOB center-points have been designed. For the comparison of the FPGA approach for BLOB tracking a similar implementation in software using a multi-threaded approach has been realized. The system can transmit the detection or tracking results on two available communication interfaces, USB and RS232. The analysis of the hardware solution showed a similar precision for the BLOB detection and tracking as the software approach. One problem is the large increase of the allocated resources when extending the system to process more BLOBs. With one of the target platforms, the DE2-70 board from Altera, the BLOB detection could be extended to process up to thirty BLOBs. The implementation of the tracking approach in hardware required much more effort than the software solution. The design of high level problems in hardware for this case are more expensive than the software implementation. The search and match steps in the tracking approach could be realized more efficiently and reliably in software. The additional pre-processing modules for sub-pixel precision and run-length-encoding helped to increase the system's performance and precision., Degree name on title page is mislabeled as "Master of Science In the Graduate Academic Unit of Computer Science" Changed to "Master of Computer Science.." Electronic Only. (UNB thesis number) Thesis 8658 (OCoLC) 960872346, M.C.S., University of New Brunswick, Faculty of Computer Science, 2010.
Adding SIMD support to improve performance of Eclipse OpenJ9 on the AArch64 platform
Adding SIMD support to improve performance of Eclipse OpenJ9 on the AArch64 platform
by Md Alvee Noor, Just-in-time (JIT) compilers achieve application portability and improved management of large code-bases by abstracting the architecture specific details from the programmers. A large number of compiler optimization techniques make this a subject undergoing intense study, over the last few decades. Eclipse OMR is a robust language runtime builder, and Eclipse OpenJ9 is a managed language runtime that consumes OMR. The targeted domains of OMR and OpenJ9 include AArch64, a 64-bit extended version of the ARM architecture. AArch64 features compatibility to the user-space, along with the pre-existing 32-bit AArch32 architecture. AArch64 is a popular member of the embedded computing market, where computing infrastructure resources (i.e., CPU, memory) are constrained. This thesis discusses the steps taken to add Single Instruction Multiple Data (SIMD) support to OMR for AArch64, and relevant OMR tril tests to confirm the appropriate functioning of the implemented mechanisms. The implementation of advanced SIMD and floating-point instructions are also discussed, which cover vectorized mathematical operations, including addition, subtraction, multiplication, and division for supported data-types. We present two microbenchmarks VectorizationMicrobenchmark and Sepia Tone Filter and a set of standard benchmarks, which leverage the OpenJ9 autovectorization process in AArch64. The AArch64 vectorized operations are evaluated against non-vectorized, but similar operations using Eclipse OpenJ9. Our microbenchmarks show improvements of up to four times in execution speed of certain vector arithmetic operations.
Ahead-of-time compilation of WebAssembly using Eclipse OMR
Ahead-of-time compilation of WebAssembly using Eclipse OMR
by Petar Jelenkovic, The variety of available computing machines limits the portability of programs. The primary hindrance is that programs are designed towards an interface espoused by a machine. However, other systems can run programs designed for a different interface using a virtual machine. An approach for enhancing program portability is to design programs for a virtual machine with a simplified interface. For example, programs written in the C language can be compiled to theWebAssembly code format. WebAssembly was chosen for this research due to its simple syntax, static structure, recent interest from the research community and existing implementation with Eclipse OMR. The development of language virtual machines often includes the implementation of an interpreter and a compiler. While interpreters primarily provide a sound implementation described by a language specification, compilers have the additional requirement of generating optimized machine code. This task can be facilitated using the Eclipse OMR toolkit for language runtime construction. The relocation infrastructure and shared code cache are two features for aheadof- time (AOT) compilation in Eclipse OMR and are currently in development. The research in the thesis shows an implementation of these two Eclipse OMR AOT compilation features in a language runtime. The WebAssembly AOT compiler, called Wabtaot, that is presented in this thesis leverages Eclipse OMR relocation infrastructure and shared code cache features. The comparison of Wabtaot with WebAssembly runtimes implemented using other compiler technologies demonstrates that the implementation of a language runtime using Eclipse OMR AOT compiler framework is viable and its performance is competitive. Relative to Wasmjit-OMR, a Web- Assembly compiler implemented using Eclipse OMR just-in-time compiler features, Wabtaot significantly reduces execution time for repeated execution ofWebAssembly modules.
Algorithmic and geometric aspects of data depth with focus on ꞵ-skeleton depth
Algorithmic and geometric aspects of data depth with focus on ꞵ-skeleton depth
by Rasoul Shahsavarifar
An SMS-based mobile botnet detection framework using intelligent agents
An SMS-based mobile botnet detection framework using intelligent agents
by Abdullah J. Alzahrani, Along with increasing security measures in Android platforms, the amount of Android malware that use remote exploits has grown significantly. Using mobile botnets, attackers concentrate on reliable attack vectors such as SMS messages. Short Message Service (SMS) has been increasingly targeted by a number of malicious applications ("apps") that have the ability to abuse SMS features in order to send spam, to transfer command and control (C&C) instructions, to distribute malicious applications via URLs embedded in text messages, to send text messages to premium-rate numbers, and to exploit smartphones. Efficient detection and defence techniques that use filtering and blocking methods for SMS botnets is therefore an urgent necessity. Unfortunately, most botnet detection solutions proposed so far are reactive; that is, they require a large amount of data in order to effectively generate signatures and filtering rules to differentiate between normal and malicious SMS messages. By using proactive approaches such as a multi-agent system, agents can monitor certain environments and report abnormal behaviour in order to protect user data. In this thesis, we propose an SMS-based botnet detection framework using intelligent agents that are used to detect malicious SMS messages and monitor smartphone resources which are typically targeted by SMS botnet attacks. The proposed detection framework is based on a multi-layer model which consists of three modules and intelligent agents. The first is an SMS signature-based detection module which can be used to combat SMS botnets, in which we first apply pattern-matching detection approaches for incoming and outgoing SMS text messages, and then use rule-based techniques to label unknown SMS messages as suspicious or normal. The second module, an anomaly-based detection module, employs unsupervised learning techniques, using clustering algorithms to group SMS messages into four class labels and to classify reported text messages to one of those four classes. The module also uses a robust and efficient behavioural profiling analysis to detect whether there are any correlations between classification results and alerts from profiling analysis. Rule-based correlations are used to label SMS messages as either normal or malicious. The third module is a defence module that can be used as a more proactive approach which directly generates signatures and rules in order to protect Android smartphones from abuse by SMS botnets. This module is used to generate signatures of malicious SMS messages, to update phone number blacklists, to analyze malicious applications and to send feedback to Android smartphones so that the user can take action. Finally, a multi-agent system that can be used to observe Android mobile devices and to interact with service provider agents in order to detect malicious applications and SMS botnet activities on Android mobile devices. We have developed an intelligent and proactive framework that scans incoming and outgoing text messages, monitors Android resources and observes user usage that includes user connectivity time. The framework creates a user profile that is used to perform behavioural profiling analysis in order to identity malicious SMS and cut the C&C Channel. The proposed framework has been implemented using JADE agents. We demonstrate the capability of the multi-agent system, signature-based detection, anomaly-based detection module, and defence module in accurately detecting SMS botnets, we conduct different experiments in three phases. In the first phase, we focus on evaluating the efficiency of the SMS signature detection module in Android devices. This module was evaluated using over 12,000 test messages. It was able to detect all 747 malicious SMS messages in the dataset (100% detection rate with no false negatives). It also flagged 351 SMS messages as suspicious. A comprehensive performance analysis of the anomaly-based detection module is conducted in the second phase. The detection performance of the anomaly-based detection module has an average accuracy of 95% and an average of false negative rate is 3.95% on applied datasets. After having studied the performance of each module individually, in the last phase, we analyzed the overall performance of the proposed framework and provided a thorough analysis of JADE agents monitoring mechanism after demonstrating the capability of each module individually. We used approximately 60,000 test messages to evaluate the proposed framework. The signature detection agents reported 165 malicious SMS messages and 3,081 suspicious SMS messages. The anomaly-based detection module labelled 941 SMS messages as malicious., Electronic Only., Ph.D. University of New Brunswick, Faculty of Computer Science, 2017.
An anomaly detection framework for DNS-over-HTTPS (DoH) tunnel using time-series analysis
An anomaly detection framework for DNS-over-HTTPS (DoH) tunnel using time-series analysis
by Mohammadreza MontazeriShatoori, Domain Name System (DNS) as a network protocol is vulnerable to several security loopholes. To cover up some of the vulnerabilities in DNS, a new protocol, named DNS over HTTPS (DoH), is created to improve privacy, and protect from various persistent attacks. The DoH protocol encrypts the DNS requests for the DoH client and sends it through a tunnel to prevent eavesdropping and man-in-the-middle attacks. This research work comprehensively studies these security vulnerabilities, proposes a taxonomy of potential DNS attacks, analyzes the security aspects of DoH protocol, and classifies DNS attacks that are applicable on DoH. To achieve these objectives, we simulated DoH tunnels. The simulated environment covers different DoH deployment scenarios includes DoH within an application, DoH proxy on the name server in the local network, and DoH proxy on a local system as suggested in RFC8484. In this research, we captured malicious and benign DoH traffic and analyzed it as a two-layered approach to classify benign and malicious traffic at first layer and characterize DoH traffic at second layer. It is observed that for statistical features, Random Forest (RF) and Decision Tree (DT) give the best classification and characterization results among prominent machine learning and deep learning classifiers at first and second layer, respectively. Moreover, for time-series features, long short-term memory (LSTM) turns out to be the best classifier for DoH traffic classification and characterization at first and second layers, respectively. The experimental results indicate that while DoH can be abused to create covert communication channels, the proposed solution is sufficient to detect these channels in a timely manner.
An automatic approach to discover lexical semantic differences in varieties of English
An automatic approach to discover lexical semantic differences in varieties of English
by Priyal Nagra, The English language is not uniform. Speakers of English in different parts of the world can use the same word, but with different meanings. Investigating lexical semantic differences in varieties of English such as American, Australian, British, Canadian is an interesting area of research in computational linguistics. We use corpora of varieties of English to detect words that changed their meaning from one variety to another. Methods of automatically identifying lexical variation used in this work are the distributional semantic models, measures of keywords, and word embedding models inspired by neural network language models. We determine whether word embedding models can detect lexical semantic differences between varieties of English better than distributional similarity approaches and approaches based on keywords. This study presents the first important step towards a robust application of word embeddings to variational linguistics. Our results indicate that word embeddings perform best among all other methods in 2 out of 3 cases.
An automatic authorship attribution technique for Android applications
An automatic authorship attribution technique for Android applications
by Hugo F. Gonzalez Robledo

Pages

Zircon - This is a contributing Drupal Theme
Design by WeebPal.